After a discussion about computer security with a fairly computer-literate friend, I was asked to perform various vulnerability scans on his system remotely. He gave me his IP address at the same time as I ran "netstat" to obtain it, and both came out to be the same number, but just to be sure a WHOIS was run and the IP was listed as belonging to his ISP. An nmap scan and an "xscan" (Windows-based vulnerability scanner) were started against this IP, and port 23 was found to be open, so I attempted a TELNET and was greeted with a fairly surprising "WARNING" message that included the real DNS name of the computer I was scanning (which happened to be a server belonging to his ISP). All scans were halted immediately and both of us wrote apology letters to the ISP explaining this mistake.
My question is this: How could this have happened? Both "winipcfg" in his Windows 98 system as well as his client software told him his IP was this as well as a "netstat /a" from my system.

Thank you for comments,
Alex Petrosian [EMAIL PROTECTED]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html